Data Centre Reliability Checklist

By Amy Nutt Planning, creating, and building a data centre can be one of the most expensive tasks an IT director can face. In order to maximize cost effectiveness and achieve optimum performance, reliability is key. Data centre size can range from one room in an office to an entire building, but there are some […]

Read the full article →

World Bank Data Breach

In breaking news directly related to data security policies, FoxNews is reporting that the World Bank has suffered possibly “the worst security breach ever at a global financial institution”:  The World Bank Group’s computer network — one of the largest repositories of sensitive data about the economies of every nation — has been raided repeatedly […]

Read the full article →

Deloitte Laptop Stolen

In a breaking news story directly related to data security policies, it sounds like Deloitte had another laptop stolen yesterday, 9 Oct 2008. Here’s an excerpt from the UK Computing article here: A laptop owned by consultancy Deloitte which held information about staff under BSkyB’s pension plan has been stolen, Computing can reveal. The computer […]

Read the full article →

Data Security Policy For ECommerce Merchants

By Joe Cole Combating fraudulent transactions starts with creating and implementing your organization’s data security policy. Consumers expect that eCommerce merchants protect the personal payment information they provide during a transaction and that it will only be used for completing the transaction. They also expect that merchants explain the measures and procedures they have set […]

Read the full article →

Sophisticated Attacks on Community Financial Institutions Increasing!

By Gale Yocom In today’s’ high tech world, maintaining the privacy and protection of customers and employees’ information grows more and more difficult particularly for many financial institutions. These days’ scammers are getting bolder and more brazen in their abilities to get personal information from banking customers as they aggressively target the smaller locally owned […]

Read the full article →

Is an AUP the best approach?

There’s an interesting section in the Wikipedia entry for Acceptable Use Policies called “Is an AUP the best approach?” here. Here’s an excerpt: In a well respected essay on the topic of AUP documents, Dave Kinnaman, raises the issue as to whether writing and enforcing AUP documents is the right way to approach the governance […]

Read the full article →

Customer Data Security Policy

I really like the easy-to-read-and-understand customer data security policy from ING Direct here. I wish more companies wrote such simple and clear policies. Here’s an exerpt: We take every reasonable precaution to protect your information. When you submit information to us through our web site, your information is protected both on-line and off-line. All data […]

Read the full article →

Information Security Best Practices Presentation

I found a great presentation called “Best Practices in Corporate Privacy & Information Security” by Donald Cohn at the infolaw.org site here. Donald covers lots of security policies starting on slide 22. These are the policies he lists under Information Classification & Protection: Information Classification & Protection Information Classification Information Retention Anti-Virus Software Application/Software Development […]

Read the full article →

Vista Hardening Guide

If you’re planning on deploying Windows Vista, make sure you follow the Windows Vista Security Guide available from Microsoft Technet here. This is a description of the hardening guide: This guide focuses on how to help create and maintain a secure environment for desktop and laptop computers that run Windows Vista. The guide explains the […]

Read the full article →

Disaster Recovery Policy

The Laptop Security Blog over at www.absolute.com has an interesting post about how the Auditor General of Canada says government agencies aren’t upholding the Government Security Policy (GSP). In particular, the Auditor General said that the security policy doesn’t include a disaster recovery plan. Even if you work in a company you can expect that […]

Read the full article →

← Previous Entries

Next Entries →